Fix bls short sig verification on hex. Closes gh-124

paulmillr · Mar 1, 2024 · 32bda79 · 32bda79
1 parent 38a4ca1
commit 32bda79
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 1 deletion.
diff --git a/src/bls12-381.ts b/src/bls12-381.ts
@@ -1364,7 +1364,7 @@ export const bls12_381: CurveFn<Fp, Fp2, Fp6, Fp12> = bls({
       fromHex(hex: Hex): ProjPointType<Fp2> {
         const { infinity, sort, value } = parseMask(ensureBytes('signatureHex', hex));
         const P = Fp.ORDER;
-        const half = hex.length / 2;
+        const half = value.length / 2;
         if (half !== 48 && half !== 96)
           throw new Error('Invalid compressed signature length, must be 96 or 192');
         const z1 = bytesToNumberBE(value.slice(0, half));

diff --git a/test/bls12-381.test.js b/test/bls12-381.test.js
@@ -1173,6 +1173,8 @@ describe('verify()', () => {
       const pub = bls.getPublicKey(priv);
       const res = bls.verify(sig, msg, pub);
       deepStrictEqual(res, true, `${priv}-${msg}`);
+      const resHex = bls.verify(bytesToHex(sig), msg, pub);
+      deepStrictEqual(resHex, true, `${priv}-${msg}-hex`);
     }
   });
   should('not verify signature with wrong message', () => {
@@ -1193,6 +1195,8 @@ describe('verify()', () => {
       const invPub = bls.getPublicKey(invPriv);
       const res = bls.verify(sig, msg, invPub);
       deepStrictEqual(res, false);
+      const resHex = bls.verify(bytesToHex(sig), msg, invPub);
+      deepStrictEqual(resHex, false);
     }
   });
   should('verify signed message (short signatures)', () => {
@@ -1202,6 +1206,8 @@ describe('verify()', () => {
       const pub = bls.getPublicKeyForShortSignatures(priv);
       const res = bls.verifyShortSignature(sig, msg, pub);
       deepStrictEqual(res, true, `${priv}-${msg}`);
+      const resHex = bls.verifyShortSignature(bytesToHex(sig), msg, pub);
+      deepStrictEqual(resHex, true, `${priv}-${msg}`);
     }
   });
   should('not verify signature with wrong message (short signatures)', () => {
@@ -1212,6 +1218,8 @@ describe('verify()', () => {
       const pub = bls.getPublicKeyForShortSignatures(priv);
       const res = bls.verifyShortSignature(sig, invMsg, pub);
       deepStrictEqual(res, false);
+      const resHex = bls.verifyShortSignature(bytesToHex(sig), invMsg, pub);
+      deepStrictEqual(resHex, false);
     }
   });
   should('not verify signature with wrong key', () => {
@@ -1222,6 +1230,8 @@ describe('verify()', () => {
       const invPub = bls.getPublicKeyForShortSignatures(invPriv);
       const res = bls.verifyShortSignature(sig, msg, invPub);
       deepStrictEqual(res, false);
+      const resHex = bls.verifyShortSignature(bytesToHex(sig), msg, invPub);
+      deepStrictEqual(resHex, false);
     }
   });
   describe('batch', () => {
@@ -1234,6 +1244,10 @@ describe('verify()', () => {
           const signatures = messages.map((message, i) => bls.sign(message, privateKeys[i]));
           const aggregatedSignature = bls.aggregateSignatures(signatures);
           deepStrictEqual(bls.verifyBatch(aggregatedSignature, messages, publicKey), true);
+          deepStrictEqual(
+            bls.verifyBatch(bytesToHex(aggregatedSignature), messages, publicKey),
+            true
+          );
         })
       );
     });
@@ -1252,6 +1266,10 @@ describe('verify()', () => {
             bls.verifyBatch(aggregatedSignature, wrongMessages, publicKey),
             messages.every((m, i) => m === wrongMessages[i])
           );
+          deepStrictEqual(
+            bls.verifyBatch(bytesToHex(aggregatedSignature), wrongMessages, publicKey),
+            messages.every((m, i) => m === wrongMessages[i])
+          );
         })
       );
     });
@@ -1274,6 +1292,10 @@ describe('verify()', () => {
               bls.verifyBatch(aggregatedSignature, messages, wrongPublicKeys),
               wrongPrivateKeys.every((p, i) => p === privateKeys[i])
             );
+            deepStrictEqual(
+              bls.verifyBatch(bytesToHex(aggregatedSignature), messages, wrongPublicKeys),
+              wrongPrivateKeys.every((p, i) => p === privateKeys[i])
+            );
           }
         )
       );
@@ -1287,6 +1309,10 @@ describe('verify()', () => {
           const aggregatedSignature = bls.aggregateSignatures(signatures);
           const aggregatedPublicKey = bls.aggregatePublicKeys(publicKey);
           deepStrictEqual(bls.verify(aggregatedSignature, message, aggregatedPublicKey), true);
+          deepStrictEqual(
+            bls.verify(bytesToHex(aggregatedSignature), message, aggregatedPublicKey),
+            true
+          );
         })
       );
     });
@@ -1302,6 +1328,10 @@ describe('verify()', () => {
             bls.verify(aggregatedSignature, wrongMessage, aggregatedPublicKey),
             message === wrongMessage
           );
+          deepStrictEqual(
+            bls.verify(bytesToHex(aggregatedSignature), wrongMessage, aggregatedPublicKey),
+            message === wrongMessage
+          );
         })
       );
     });